The invention relates to a method and system for authenticating internet user identity, and more particularly, to a method and system for authenticating internet user identity by cross-referencing the geographical location of a internet user's Communication voice device, such as a mobile voice device, a Voice over Internet Protocol (hereinafter VoIP) telephone or non-mobile telephone, and the location of a client Internet Protocol (hereinafter IP address).
The use of the internet has become a common a popular arena for the sale of goods and services. Such sales require the transmission of personal and confidential data belonging to the buyer of such goods and services. Such information is often the target of identity theft. In response to the increase in the opportunity for the commission of fraud through identity theft, sellers and providers of goods and services through the internet require a method whereby such fraud can be reduced.
With respect to internet usage, upon accessing the internet, an internet user's computer is identified with an IP address, it should be understood that IP Address means any internet communication protocol such as but not limited to IPV4 and IPV6. And whenever the internet user enters a website, the internet user's IP address is identified to the website owner. Such identified IP addresses can be traceable geographically to its source so as to determine the location (state and city) of the internet user, in some cases the IP address can be traced to a radius of a few miles from its source. The comparison of the geographical location of the internet user IP address, with the geographical location of said internet user Communication voice device can provide the seller or provider a means to authenticate the identify of the internet user.
U.S. patent application Pub. No. 2001/0034718 A1 to Shaked et al. discloses a method of controlling access to a service over a network, including the steps of automatically identifying a service user and acquiring user information, thereby to control access. Additionally, a method of providing service over a network, in which the service requires identification of a user, including the steps of automatically identifying the user and associating the user with user information, thus enabling the service, is disclosed.
U.S. Pat. No. 6,466,779 to Moles et al. discloses a security apparatus for use in a wireless network including base stations communicating with mobile stations for preventing unprovisioned mobile stations from accessing an internet protocol (IP) data network via the wireless network.
U.S. patent application Pub. No. 2002/0188712 A1 to Caslin et al. discloses a fraud monitoring system for a communications system. The fraud monitoring system analyzes records of usage activity in the system and applies fraud pattern detection algorithms to detect patterns indicative of fraud. The fraud monitoring system accommodates both transaction records resulting from control of a packet-switched network and those from a circuit-switched network gateway.
U.S. patent application Pub. No. 2003/0056096 A1 to Albert et al. discloses a method to securely authenticate user credentials. The method includes encrypting a user credential with a public key at an access device. The public key is part of a public/private key pair suitable for use with encryption algorithm. The decrypted user credential is then transmitted from the decryption server to an authentication server for verification. The decryption server typically forms part of a multi-party service access environment including a plurality of access providers. This method can be used in legacy protocols, such as Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial in User Server (RADIUS) protocol, Terminal Access Controller Access Control System (TACAS) protocol, Lightweight. Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol, and/or Secure Remote Password protocol (SRP).
U.S. patent application Publication Number US 2003/0101134 A1 published to Liu et al. on May 29, 2003 teaches a method for transaction approval, including submitting a transaction approval request from a transaction site to a clearing agency; submitting a user authorization request from the clearing agency to a user device; receiving a response to the user authorization request; and sending a response to the transaction approval request from the clearing agency to the transaction site. Another method for transaction approval includes: submitting a transaction approval request from a transaction site to a clearing agency; determining whether a trusted transaction is elected; submitting a user authorization request from the clearing agency to a user device if a trusted transaction is determined to be elected; receiving a response to the user authorization request from the user device if the user authentication request was submitted; and sending a response to the transaction approval request from the clearing agency to the transaction site. A system for transaction approval includes a clearing agency for the transaction approval wherein the clearing agency having a function to request for user authorization, a network operatively coupled to the clearing agency, and a user device adapted to be operatively coupled to the network for trusted transaction approval.
U.S. patent application Publication Number US 2003/0187800 A1 published to Moore et al. on Oct. 2, 2003 teaches systems, methods, and program products for determining billable usage of a communications system wherein services are provided via instant communications. In some embodiments, there is provided for authorizing the fulfillment of service requests based upon information pertaining to a billable account.
U.S. patent application Publication Number US 2004/0111640 A1 published to Baum on Jun. 10, 2004 teaches methods and apparatus for determining, in a reliable manner, a port, physical location, and/or device identifier, such as a MAC address, associated with a device using an IP address and for using such information, e.g., to support one or more security applications. Supported security applications include restricting access to services based on the location of a device seeking access to a service, determining the location of stolen devices, and authenticating the location of the source of a message or other IP signal, e.g., to determine if a prisoner is contacting a monitoring service from a predetermined location.
U.S. patent application Publication Number US 2005/0159173 A1 published to Dowling on Jul. 21, 2005 teaches methods, apparatus, and business techniques for use in mobile network communication systems. A mobile unit, such as a smart phone, is preferably equipped with a wireless local area network connection and a wireless wide area network connection. The local area network connection is used to establish a position-dependent, e-commerce network connection with a wireless peripheral supplied by a vendor. The mobile unit is then temporarily augmented with the added peripheral services supplied by the negotiated wireless peripheral. Systems and methods allow the mobile unit to communicate securely with a remote server, even when the negotiated wireless peripheral is not fully trusted. Also included are mobile units, wireless user peripherals, and negotiated wireless peripherals projecting a non-area constrained user interface image on a display surface.
U.S. patent application Publication Number US 2005/0160280 A1 published to Caslin et al. on Jul. 21, 2005 teaches providing fraud detection in support of data communication services. A usage pattern associated with a particular account for remote access to a data network is monitored. The usage pattern is compared with a reference pattern specified for the account. A fraud alert is selectively generated based on the comparison.
U.S. patent application Publication Number US 2005/0180395 A1 published to Moore et al. on Aug. 18, 2005 teaches an approach for supporting a plurality of communication modes through universal identification. A core identifier is generated for uniquely identifying a user among a plurality of users within the communication system. One or more specific identifiers are derived based upon the core identifier. The specific identifiers serve as addressing information to the respective communication modes. The specific identifiers and the core identifier are designated as a suite of identifiers allocated to the user.
While these systems may be suitable for the particular purpose employed, or for general use, they would not be as suitable for the purposes of the present invention as disclosed hereafter.